Discussion in 'Tomato Firmware' started by bingobob, Oct 15, 2008.

  bingobob

    bingobob

    Just purchased a wrt54gl. Looking forward to getting tomato running on it when it arrives at the weekend. However one problem. I have adsl at home. This is demon adsl2 here in the UK. So. I will need an adsl2 modem!

    I really like the idea of a best in class modem and a best in class router. What's the recommended device?

    I've seen something from vigor called a 110. Is that a good option?
  mstombs

    mstombs

    Can you use pppoe with your connection? If so a full bridge modem is easier to obtain (something like Speedtouch 5x6i are often recommended on Aus whirlpool forums). If your connection is pppoa only you need to look more closely at what 'half-bridge' modes are available. You will find most adsl modems are actually adsl routers pretending to be modems.
  bingobob

    bingobob

    It's PPPoA for my ISP.

    I do have a linksys WAG354G that's currently running neptune354 firmware, maybe I should just use this as the modem?

    How do I set it up if I wish to do this?
  mstombs

    mstombs

    Judging by comments on the neptune354 webpage and what I know of the base Ti code the WAG354G will not have half-bridge code, so you would have to set the system up as double-nat, putting the router in the dmz of the modem. Should work but you have 2 sets of nat tables to potentially cause problems.
  bingobob

    bingobob

    What about the Vigor 110, will that do the job for me.

    It's a little expensive, but sounds like just the thing?

    I could revert to the original linksys firmware for the 354G if it helps any.

    Or I could just get cable internet instead! haha (bit drastic).
  bingobob

    bingobob

    Any pointers on this one?
  mstombs

    mstombs

    All half-bridge implementations have issues.

    The Draytek function which bridges pppoa to pppoe appears to directly address the problem, the only problem I've read is that you need to be careful with MRU/MTU settings as the pppoe link has an 8 byte overhead. I guess the normal methods for maintaining access to the modem gui will still work, expect some issue when DSL goes down/reconnects - difficult to communicate to router.

    Other 'half-bridge' modems.

    From my experience D-Link zipb doesn't work well, USR/Netgear have "ip extension" which looks similar to zipb.

    Speedtouch 5x6i (I have a 546iv6) works well, Broadcom chipset, firmware has an "Assign WAN IP to LAN device function". I don't personally get on with the cli configuration - prefer a Linux command prompt - but apparently can also configure a pppoa to ppptp connection and run ppptp to router, with a magic cli incantation.

    My Linksys ADSL2MUE, originally bought to go alongside my WRT54GS (same blue case) was absolutely useless with Linksys firmware - but works well with 3rd party RouterTech firmware with its half-bridge script - which I wrote! Needs a small firewall script in Tomato to fix an old Linksys bug not accepting slightly strange IP address netmask and Gateway - but I do know nat is not running in modem which is only routing. I have a spare ADSL2MUE and several other Ti AR7 modems to hack, so this helps!
  bingobob

    bingobob

    stombs - thanks for this, extremely useful.

    I’ve gone ahead and purchased one of the beasties you described, for the bargain price of a quid! Got to love ebay sometimes.

    I figure that it’s a useful piece of kit to have around regardless.

    Sounds very much like I need to use the "Assign WAN IP to LAN device function" to give my tomato the public IP. Any further tips on how to setup this configuration appreciated or general observations. Looking forward to getting tom up and running.
  jersully

    jersully

    1 quid = 1 pound? You got it for about $1.75 US. Good on ya!
  mstombs

    mstombs

    But can you trust ebay descriptions? That 546 doesn't look like mine so I guess it at least 2 years old and a V5 - however I have read the V6 are smaller/lighter/cheaper build. Some manuals (including Assign IP function) here


    I think version 6.1x was common to V5 and V6, but later 7.x only for the V6.

    Here is a couple of forum threads which I think describes how to make the Speedtouch do a pppoa to ppptp bridge - guess you will now see what I mean about the cli language...
  bingobob

    bingobob

    OK. I'm getting close! But still a bit stuck. I have the kit, the alcatel speedtouch 546 and the wrt54gl. Both flashed with appropriate firmware. So my plan is to give the alcatel modem and the wrt54gl running tomato I've done it, turned off dhcp server on the alcatel for good measure and that's great.

    On the Alcatel, I have the "Assign WAN IP to LAN device function", I see it ! It's great, and I know this is what I want (to give the public ip to the wrt54gl), but here's the thing. The Alcatel only shows me the connected PC as a client to allocate this public IP to. It doesn't acknowledge the existence of the wrt54gl (the alcatel config screen doesnt show the wrt54gl as a connected device, therefore I can't allocate the public IP to it).

    1) I plug the WAN port of the wrt54gl into a LAN port on the speedtouch, is that right?

    2) wrt54gl WAN IP in tomato config screen, what should I set this to?

    Would be most please if anyone could help me with this one, quite keen to try out my new tomato !

  mstombs

    mstombs

    You should normally put the modem local IP address in a different subnet, if WRT54GL is

    The Tomato WAN connection should be set to DHCP, so I suspect the dhcp server on the ST546 should be left on.

    Will hook mine up later to check it still works with latest Tomato etc... its a while since I used it.
  szfong

    szfong

    The best firmware for the wrt54gl, in my opinion is Tomato. A step up would be a PC or an embedded board as a router.

    ADSL2 modem, I really like the Speedstream 4100-series (it was free in the US for subscribers w/ 6-12 month contracts) and ran well both in double-nat & client-bridge set-ups and had ack prioritization, unlike the Motorola 2210. It also never overheat, which the Motorola 2210-series did and a friend actually swapped twice, and finally I told him to raise it higher, cut some "slots" above and below w/ a rotary tool and glue some cut-up chipset heatsinks. It now works fine.

    The old 2wire I once tried limit the # of simultaneous connections tracked to 1024 for not sure how long, no matter if it's client-bridge, or double-nat. The interface is quite nice for beginners, though.

    Currently, the newer Netopia's w/ wireless built-in are the most stable (w/ latest firmware). But the ISPs tend to sell those to their business customers, with multiple static ip's. They are slightly more expensive and can handle website or p2p usage a bit better.

    Good luck..

  bingobob

    bingobob


    Yes that would be very much appreciated. If you've got a working setup, I should be able to replicate your configuration settings and all should be well. I think I've now got the kit neccessary to do the job, just a matter of getting it all working together!

    Noted re your plan, so for example I could have the Modem on and my tomato on, noted re DHCP settings.

  bingobob

    bingobob

    Still don't quite understand though why the Tomato is not showing in the Alcatel devices list when the tomato is connected. I mean the screen that allows you to assign the public IP address to a LAN device. I want to see the tomato as a LAN device.
  mstombs

    mstombs

    OK I'm now posting via Tomato (V1.19 but that shouldn't be important...)
    and my ST546v6 (v6.2.29.2) with WAN IP assigned to the Tomato router.

    Note the ST546 defaults to a LAN IP of, but will also reply to, and you can use static LAN IPs in either range.

    I have a dynamic PPPOA IP address, when the ST546 assigns the WAN IP to a LAN device it uses a form of half-bridge sometimes known as "dhcp spoof", it uses a fake netmask of so that it is pretty likely that the ISP IP address and ISP Gateway are in the same network defined by the netmask. The default lease time is that used for the local network on the ST546, this defaults to 24 hours, to enable a change of ISP IP address to be passed on quickly first set the lease time to 1 minute - then clients will try to renew every 30 seconds. (I just tried to do this with my current ST firmware but found this was broken so had to downgrade to the 6.2 version above which I knew had worked before). There is little overhead in single device dhcp renewals, I do not know of a better method of keeping router IP address in sync - this may be the crucial step I forgot to tell you about before!

    I then connected the WAN port of Tomato WRT54GS to a LAN port of the ST546, it had previously had a long lease so I used the Tomato web interface to Release/Renew to enable it to get a new IP with short lease. This configuration functions, can access the internet in "double NAT" mode etc, but port forwarding would have to be setup in both modem (via dmz?) and router.

    I then connected to the modem ( via the router (mines on 192.168.0.x) and then tracked down the "Assign WAN IP to LAN device function", where I had a choice of my PC or wrt54gs. I selected the wrt54gs, then watched the Tomato interface lease time run out, then renew with the new WAN IP.

    I then checked that pulling out the ADSL cable and replacing would get a new IP and pass it on the router - it did (eventually wait a couple of minutes!).

    In this configuration there is not supposed to be any NAT connection tracking in the modem, it is only routing. I do not know what OS the ST546 has, so don't really know how to check, but I do know how to mimic this half-bridge mode in a Linux modem using only routing functions and proxy_arp.
  bingobob

    bingobob

    ok, well this sounds promising.

    I'll give it a try, some of the routing talk went over my head.


    Modem - (default config, runs dhcp server)
    Modem does PPPoA to the ISP, to gain a public IP.

    I connect the WAN port on the Modem to any LAN port on the Tomato.

    Tomato - (acquires public IP by DHCP client, runs dhcp server to allocate LAN addresses in my house)

    I connect a PC to a tomato LAN port and via the tomato I get to the modem and use the assign public IP function.

    Did I get that about right?

  mstombs

    mstombs

    Agreed except

    should read

    Sorry about the detail, I didn't properly document it even for myself before. When in the half-bridge mode lease check that the ISP Gateway is in the LAN defined by the IP address and netmask - if not you will need a firewall script in Tomato to fix.
  occamsrazor

    occamsrazor

    Sorry this is a bit late, I just saw your post.
    I have the Vigor 100 (older version of the 110, but essentially identical), and it has been a seriously solid performer with Tomato (on a Buffalo) for the last two years. I highly recommend it.
  bingobob

    bingobob


    I had a try tonight. Can anyone help me I think i'm close but it;s frustrating.

    I put the modem on and the router on I got the modem to assign the public ip to the router (works fine), the router get the public IP on the WAN interface (tomato shows me this). DNS servers on the tomatos wan interface are listed as and two others I presume my ISPs dns servers.

    Anyway this all looks fine BUT it doesn't work. I connect a client to my tomato and get a 192 address from tomatos dhcp server, but I cant do anything. No internet, no dns by the looks, i cant ping

    Only thing I can ping is the tomato and the wan port public IP on the tomato....v frustrating, anyone give me a quick tip ?
  mstombs

    mstombs

    What netmask does the router get?

    Can you login to tomato using telnet or ssh and check the route table with "route -n".

    Its possible your modem (subtly different version to mine) may be using a different half-bridge technique and Tomato needs a little help with setting the default gateway - see
  bingobob

    bingobob

    thanks, I'll ssh in and try the route command next time I setup the device, wil post the output.

    That link wouldn't work for me btw.
  bingobob

    bingobob

    WAN Web interface details

    Connection Type DHCP
    IP Address 62.56.70.XXX
    Subnet Mask
    MTU 1500

    From SSH

    # route -n
    Kernel IP routing table
    Destination Gateway Genmask Flags Metric Ref Use Iface U 0 0 0 br0 U 0 0 0 lo U 0 0 0 vlan1

    # ping
    ping: Unknown host
  mstombs

    mstombs

    OK your ISP gives you an out-of network Gateway, the modem 'spoofing' assumes at least the first number is the same. The firewall script posted in the (corrected) link above should fix this (its an old Linksys bug copied from the dhcp accept script in udhcpc, copied by Hyperwrt, Tomato and dd-wrt etc the default route command fails as no host route to gateway).
  bingobob

    bingobob

    Works a treat! :)

    Many thanks.

